#!/bin/sh

uci -q batch <<-EOF >/dev/null
	set network.vpn0="interface"
	set network.vpn0.ifname="tun0"
	set network.vpn0.proto="none"
	commit network
	
	delete firewall.vpn
	delete firewall.vpnwan
	delete firewall.vpnlan
	delete firewall.openvpn
	add firewall rule 
	rename firewall.@rule[-1]="openvpn"
	set firewall.@rule[-1].name="openvpn"
	set firewall.@rule[-1].target="ACCEPT"
	set firewall.@rule[-1].src="wan"
	set firewall.@rule[-1].proto="tcp udp"
	set firewall.@rule[-1].dest_port="1194"
	add firewall zone
	rename firewall.@zone[-1]="vpn"
	set firewall.@zone[-1].name="vpn"
	set firewall.@zone[-1].input="ACCEPT"
	set firewall.@zone[-1].forward="ACCEPT"
	set firewall.@zone[-1].output="ACCEPT"
	set firewall.@zone[-1].masq="1"
	set firewall.@zone[-1].network="vpn0"
	add firewall forwarding
	set firewall.@forwarding[-1].src="vpn"
	set firewall.@forwarding[-1].dest="wan"
	add firewall forwarding
	set firewall.@forwarding[-1].src="vpn"
	set firewall.@forwarding[-1].dest="lan"
	add firewall forwarding
	set firewall.@forwarding[-1].dest='vpn'
	set firewall.@forwarding[-1].src='lan'
	commit firewall
EOF

rm -f /tmp/luci-indexcache
exit 0
